31,703
edits
Changes
OpenVPN server on Windows (view source)
Revision as of 10:29, 17 September 2018
, 10:29, 17 September 2018→Step 2: generating TLS certificates and keys
cd "C:\Program Files\OpenVPN\easy-rsa"
cd "C:\Program Files\OpenVPN\easy-rsa"
----
----
*
* Initialize the OpenVPN configuration with the following command:
init-config
init-config
----
* Open the '''''vars.bat''''' file with the Notepad text editor:
notepad vars.bat
----
* This is template file for generating certificates, i.e., the information stored here will be offered as default values during certificate generation. Locate and edit the following lines according to your needs:
set KEY_COUNTRY=US
set KEY_PROVINCE=CA
set KEY_CITY=SanFrancisco
set KEY_ORG=OpenVPN
----
* You can also set the size for the Diffie Hellman parameters:
set DH_KEY_SIZE=2048
----
* Once you're done, save the file and close the editor
----
* Run the following commands:
vars
clean-all
----
* Now we can start generating the certificates. Begin with the '''certificate authority''' ('''CA''') file:
build-ca
'''NOTE''': you can press the "Enter" key when prompted to enter the values set in the ''vars.bat'' file earlier. Doing this will set the values to the default specified in ''vars.bat''. However, you should type in a meaningful '''Common Name'''.
----
* Next, build the '''server''' certificate and key:
build-key-server server
'''NOTE''': once again, don't forget to specify a different Common Name. When prompted the sign and commit the certificate, type '''y''' and press "Enter".
----
* Next, build certificates and keys for the '''clients''':
build-key Client1
'''TIP''': use the same Common Name as the certificate name (Client1 in this example). This will help you differentiate different clients easier. Pick meaningful names like "toms_PC", "company_maintenance", etc. Repeat this step as many times as you need, depending on the client quantity.
----
* Lastly, generate '''Diffie Hellman parameters''':
build-dh
==Step 3: OpenVPN server configuration==
*